user created with terraform provider doesn't connect #1337
Description
Hi,
i try to configure warpgate v0.13.3 running on docker
i manage to configure it with
[(https://registry.terraform.io/providers/warp-tech/warpgate/latest/docs/resources/target_role)]
i created to users:
the first one with terraform.
the connection doesn't work.
penSSH_9.6p1 Ubuntu-3ubuntu13.11, OpenSSL 3.0.13 30 Jan 2024
debug1: Reading configuration data /home/jyc/.ssh/config
debug1: Reading configuration data /home/jyc/.ssh/config_jyc
debug1: /home/jyc/.ssh/config line 299: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to XXX.XXX.XXX.XXX [10.X.X.X.X] port 2222.
debug1: Connection established.
debug1: identity file /home/jyc/.ssh/id_rsa type 0
debug1: identity file /home/jyc/.ssh/id_rsa-cert type -1
debug1: identity file /home/jyc/.ssh/id_ecdsa type -1
debug1: identity file /home/jyc/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/jyc/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/jyc/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/jyc/.ssh/id_ed25519 type 3
debug1: identity file /home/jyc/.ssh/id_ed25519-cert type -1
debug1: identity file /home/jyc/.ssh/id_ed25519_sk type 12
debug1: identity file /home/jyc/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/jyc/.ssh/id_xmss type -1
debug1: identity file /home/jyc/.ssh/id_xmss-cert type -1
debug1: identity file /home/jyc/.ssh/id_dsa type -1
debug1: identity file /home/jyc/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.11
debug1: Remote protocol version 2.0, remote software version russh_0.50.2
debug1: compat_banner: no match: russh_0.50.2
debug1: Authenticating to XXX.XXX.XXX.XXX.net:2222 as 'jyc:XXX-jyc'
debug1: load_hostkeys: fopen /home/jyc/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-rsa SHA256:HQpQ0+9Srg4Cdt7Es46byLB5OS9L8tYOBmeB9K8GT6o
debug1: load_hostkeys: fopen /home/jyc/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host '[XXX.XXX.XXX.XXX]:2222' is known and matches the RSA host key.
debug1: Found key in /home/jyc/.ssh/known_hosts:620
debug1: ssh_packet_send2_wrapped: resetting send seqnr 3
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: Sending SSH2_MSG_EXT_INFO
debug1: expecting SSH2_MSG_NEWKEYS
debug1: ssh_packet_read_poll2: resetting read seqnr 3
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_ext_info_client_parse: server-sig-algs=<ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 3 keys
debug1: Will attempt key: /home/jyc/.ssh/id_rsa RSA SHA256:/pUVGh/ZgXj4QR8jbf69jIyFJhRWvbf6IPUhpv+rws0 agent
debug1: Will attempt key: /home/jyc/.ssh/id_ed25519 ED25519 SHA256:yWa4+iEgAWb+esyDt/NOBQNkMAkO8XYkBKNPB9V8oaA agent
debug1: Will attempt key: /home/jyc/.ssh/id_ed25519_sk ED25519-SK SHA256:FM9GpPaUjwRMo1WQot/Gx4APnVVLOV6oF3uZwXtrAD8 authenticator agent
debug1: Will attempt key: /home/jyc/.ssh/id_ecdsa
debug1: Will attempt key: /home/jyc/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/jyc/.ssh/id_xmss
debug1: Will attempt key: /home/jyc/.ssh/id_dsa
debug1: Offering public key: /home/jyc/.ssh/id_rsa RSA SHA256:/pUVGh/ZgXj4QR8jbf69jIyFJhRWvbf6IPUhpv+rws0 agent
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/jyc/.ssh/id_ed25519 ED25519 SHA256:yWa4+iEgAWb+esyDt/NOBQNkMAkO8XYkBKNPB9V8oaA agent
debug1: Authentications that can continue: publickey
debug1: Offering public key: /home/jyc/.ssh/id_ed25519_sk ED25519-SK SHA256:FM9GpPaUjwRMo1WQot/Gx4APnVVLOV6oF3uZwXtrAD8 authenticator agent
debug1: Authentications that can continue: publickey
debug1: Trying private key: /home/jyc/.ssh/id_ecdsa
debug1: Trying private key: /home/jyc/.ssh/id_ecdsa_sk
debug1: Trying private key: /home/jyc/.ssh/id_xmss
debug1: Trying private key: /home/jyc/.ssh/id_dsa
debug1: No more authentication methods to try.
jyc:blah-jyc@XXX.XXX.XXX.XXX: Permission denied (publickey).
the second one, named bob, created on the web interface, with the same ssh private key worked
OpenSSH_9.6p1 Ubuntu-3ubuntu13.11, OpenSSL 3.0.13 30 Jan 2024
debug1: Reading configuration data /home/jyc/.ssh/config
debug1: Reading configuration data /home/jyc/.ssh/config_jyc
debug1: /home/jyc/.ssh/config line 299: Applying options for *
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to XXX.XXX.XXX.XXX [10.X.X.X.X] port 2222.
debug1: Connection established.
debug1: identity file /home/jyc/.ssh/id_rsa type 0
debug1: identity file /home/jyc/.ssh/id_rsa-cert type -1
debug1: identity file /home/jyc/.ssh/id_ecdsa type -1
debug1: identity file /home/jyc/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/jyc/.ssh/id_ecdsa_sk type -1
debug1: identity file /home/jyc/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /home/jyc/.ssh/id_ed25519 type 3
debug1: identity file /home/jyc/.ssh/id_ed25519-cert type -1
debug1: identity file /home/jyc/.ssh/id_ed25519_sk type 12
debug1: identity file /home/jyc/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /home/jyc/.ssh/id_xmss type -1
debug1: identity file /home/jyc/.ssh/id_xmss-cert type -1
debug1: identity file /home/jyc/.ssh/id_dsa type -1
debug1: identity file /home/jyc/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.11
debug1: Remote protocol version 2.0, remote software version russh_0.50.2
debug1: compat_banner: no match: russh_0.50.2
debug1: Authenticating to XXX.XXX.XXX.XXX:2222 as 'bob:XXX-jyc'
debug1: load_hostkeys: fopen /home/jyc/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: rsa-sha2-512
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-rsa SHA256:HQpQ0+9Srg4Cdt7Es46byLB5OS9L8tYOBmeB9K8GT6o
debug1: load_hostkeys: fopen /home/jyc/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host '[XXX.XXX.XXX.XXX]:2222' is known and matches the RSA host key.
debug1: Found key in /home/jyc/.ssh/known_hosts:620
debug1: ssh_packet_send2_wrapped: resetting send seqnr 3
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: Sending SSH2_MSG_EXT_INFO
debug1: expecting SSH2_MSG_NEWKEYS
debug1: ssh_packet_read_poll2: resetting read seqnr 3
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_ext_info_client_parse: server-sig-algs=<ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: get_agent_identities: bound agent to hostkey
debug1: get_agent_identities: agent returned 3 keys
debug1: Will attempt key: /home/jyc/.ssh/id_rsa RSA SHA256:/pUVGh/ZgXj4QR8jbf69jIyFJhRWvbf6IPUhpv+rws0 agent
debug1: Will attempt key: /home/jyc/.ssh/id_ed25519 ED25519 SHA256:yWa4+iEgAWb+esyDt/NOBQNkMAkO8XYkBKNPB9V8oaA agent
debug1: Will attempt key: /home/jyc/.ssh/id_ed25519_sk ED25519-SK SHA256:FM9GpPaUjwRMo1WQot/Gx4APnVVLOV6oF3uZwXtrAD8 authenticator agent
debug1: Will attempt key: /home/jyc/.ssh/id_ecdsa
debug1: Will attempt key: /home/jyc/.ssh/id_ecdsa_sk
debug1: Will attempt key: /home/jyc/.ssh/id_xmss
debug1: Will attempt key: /home/jyc/.ssh/id_dsa
debug1: Offering public key: /home/jyc/.ssh/id_rsa RSA SHA256:/pUVGh/ZgXj4QR8jbf69jIyFJhRWvbf6IPUhpv+rws0 agent
debug1: Server accepts key: /home/jyc/.ssh/id_rsa RSA SHA256:/pUVGh/ZgXj4QR8jbf69jIyFJhRWvbf6IPUhpv+rws0 agent
Authenticated to XXX.XXX.XXX.XXX ([10.X.X.X]:2222) using "publickey".
debug1: channel 0: new session [client-session] (inactive timeout: 0)
debug1: Entering interactive session.
debug1: pledge: filesystem
debug1: Sending environment.
debug1: channel 0: setting env LC_ADDRESS = "fr_FR.UTF-8"
debug1: channel 0: setting env LC_NAME = "fr_FR.UTF-8"
debug1: channel 0: setting env LC_MONETARY = "fr_FR.UTF-8"
debug1: channel 0: setting env LC_PAPER = "fr_FR.UTF-8"
debug1: channel 0: setting env LANG = "fr_FR.UTF-8"
debug1: channel 0: setting env LC_IDENTIFICATION = "fr_FR.UTF-8"
debug1: channel 0: setting env LC_TELEPHONE = "fr_FR.UTF-8"
debug1: channel 0: setting env LC_MEASUREMENT = "fr_FR.UTF-8"
debug1: channel 0: setting env LC_TIME = "fr_FR.UTF-8"
debug1: channel 0: setting env LC_NUMERIC = "fr_FR.UTF-8"
Warpgate Selected target: XXX-jyc
Warpgate Host key (ssh-ed25519): AAAAC3NzaC1lZDI1NTE5AAAAIFT1kbnBIiLrlwu35kvf3iVqFyX3xc+1kPxvaOMOHouI
✓ Warpgate connected
XXX.XXX.XXX-jyc 6.1.0-27-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.115-1 (2024-11-01) x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Mon May 19 14:53:36 2025 from 10.XX.XX.X
both users have the same role.
both users have the same public ssh key.
with the first one
debug1: Offering public key: /home/jyc/.ssh/id_rsa RSA SHA256:/pUVGh/ZgXj4QR8jbf69jIyFJhRWvbf6IPUhpv+rws0 agent
debug1: Authentications that can continue: publickey
with bob
debug1: Offering public key: /home/jyc/.ssh/id_rsa RSA SHA256:/pUVGh/ZgXj4QR8jbf69jIyFJhRWvbf6IPUhpv+rws0 agent
debug1: Server accepts key: /home/jyc/.ssh/id_rsa RSA SHA256:/pUVGh/ZgXj4QR8jbf69jIyFJhRWvbf6IPUhpv+rws0 agent
on the docker log, i get
15:16:49 ERROR Session failed error=early eof
15:16:49 INFO Closed session
15:16:49 INFO SSH: Client session closed session=a648cffa-01db-4bc1-8868-edf25ac66824
15:16:49 INFO SSH: Closed connection session=a648cffa-01db-4bc1-8868-edf25ac66824
maybe i'm the PEBKAC of the day.